FS#47667 : [sshguard] threshold and -l parameters

FS#47667 - [sshguard] threshold and -l parameters

Attached to Project: Community Packages
Opened by till busch (buti) - Friday, 08 January 2016, 09:48 GMT
Last edited by Sergej Pupykin (sergej) - Friday, 08 January 2016, 13:05 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	Sergej Pupykin (sergej)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

for some reason the threshold parameter in -b has become mandatory, also the semantics of -l has changed. please consider the following changes:

remove -l- from sshguard-journalctl

rationale:
sshguard will parse stdin if no -l option is given. it will also not do excessive logging. this means you can remove this "patch"/hack:

sed -i 's|sshguard_log(LOG_INFO, "Refreshing sources showed|sshguard_log(LOG_DEBUG, "Refreshing sources showed|' src/sshguard_logsuck.c

change threshold for blacklisting to 120

rationale:
i think 120 was the previous default. while 40 blacklists the ip forever immediately 120 will block temporarily two times and blacklist on the third attack – each attack being 4 (?) failed logins.

0001-remove-l-option.patch (0.7 KiB)

0002-increase-threshold-to-bl... (0.9 KiB)

This task depends upon

Closed by Sergej Pupykin (sergej)
Friday, 08 January 2016, 13:05 GMT
Reason for closing: Fixed

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#47667 - [sshguard] threshold and -l parameters

Details

Loading...